We are thrilled at @BlockchainComns to be working with @KeystoneWallet on developing new specifications for interoperability between wallets & unite the blockchain industry. Happy fourth anniversary, and many more! https://twitter.com/KeystoneWallet/status/1488547135679533060
@davewiner Have you looked Zavala yet? So many outliner apps come and gone, but I need one not solely web, able to work offline on Mac & iOS, and no service lock-in. And at least as good as MORE 🤘🤛 Thoughts? https://zavala.vincode.io/2022/01/31/2.0_Release.html
Mars stealer is malware that if you are hacked or tricked into installing, will leverage the fundamental insecurity of over 40 browser plugins for digital assets, passwords & 2FA, including the dominant #metamask. Don’t keep keys in your browser! Technical details at: https://twitter.com/3xp0rtblog/status/1488505225031917572
At @BlockchainComns we are researching towards an update to our #SmartCustody book on how to protect you ETH and digital assets like NFTs. However, there are real limitations in current metamask-style architectures. Ultimately needs to be thrown away and re-thought.
RT @ChristopherA: At @BlockchainComns we are researching towards an update to our #SmartCustody book on how to protect you ETH and digital…
If you are interested in accelerating this research and our updates to #SmartCustody best practices for protecting digital assets, please financially support us with monthly patronage at https://github.com/sponsors/BlockchainCommons
RT @ChristopherA: If you are interested in accelerating this research and our updates to #SmartCustody best practices for protecting digita…
RT @helen_garneau: This #Meetup with @heathercdahl @ChristopherA and Charlyn Ho from @PerkinsCoieLLP is going to be a masterclass in #SSI…
A tough design problem, in particular in this era of hidden centralities, perverse incentives, divisive actors taking advantage of human cognitive bias, dark patterns, and outright criminality. https://twitter.com/ChristopherA/status/827970059960086528
Question for twitter engineers: I’m puzzling with MTBF/R for SD & NFC cards. If the life expectancy of powered-off flash is 10 years, but you are sharing data using SSKR (our Shamir Secret Sharing technique) for 3 of 5 devices, you can expect 1 shard of those 5 to die in 2 years?
Replying to @adamshostack
Useful, but one challenge in puzzling this all out is that flash-based ssd drives, are also somewhat different powered-on and active vs powered-off. Flash is electrons in a volume of silicon, which will tunnel out if not refreshed. Denser flash, fewer electrons, more as % tunnel.
Replying to @adamshostack
I’m thinking about buying 100 flash-based NFC cards and testing 10 a year for 10 years.
Replying to @adamshostack
Maybe some way to crowdsource this? Buy a SD card, some zk-proof when initialize it with some test data, and some QR to report when if fails?
For the 2nd time in two months our @BtcpayServer is being invoice spammed, creating thousands of invoices, creating BTC addresses that break gap limits of most #btc wallets. Every web2 server can stop this, default docker install for BTCpay can’t: https://github.com/btcpayserver/btcpayserver/issues/3190
For a few years now @BlockchainComns has been talking about our Gordian Principles for self-sovereign control of digital assets & how to assure yourself of their #SmartCustody. We’re thrilled that wallet manufacturers & designers are beginning to follow these same ideals. [1/12]
As a result, we’ve been able to put together an initial set of case studies highlighting how @FOUNDATIONdvcs Passport and @SparrowWallet ensure resilient and personal control of your digital assets. [3/12] https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/Case-Studies-Overview.md
All of our @BlockchainComns wallet interoperability specifications are meant to support the four core Gordian Principles of independence, privacy, resilience, and openness—that put the user first and enable responsible key management. [2/12]
The @SparrowWallet, though useful as a stand-alone software wallet, we’ve found is quite powerful if used as a transaction coordinator for multiple hardware wallets. Here’s our case study for how it supports the Gordian Principles. [5/12] https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/Case-Study-Sparrow.md
Following the Gordian architecture, our case studies are broadly divided into seed vaults (typically, hardware wallets) and transaction coordinators (typically, traditional software wallets, but used without seeds). [4/12] https://github.com/BlockchainCommons/Gordian#overview-gordian-architectural-model
The @FOUNDATIONdvcs Passport is a robust second-generation hardware wallet that transmits QRs through airgaps or data via Micro SDs. Here’s how it stacks up. [7/12] https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/Case-Study-Passport.md
We’ve also produced a doc on how precisely to use @SparrowWallet in the transaction coordinator role with our reference signer, Gordian Seed Tool for iOS & Mac. [6/12] https://github.com/BlockchainCommons/GordianSeedTool-iOS/blob/master/Docs/Integration.md#using-sparrow-as-a-transaction-coordinator
Next on our list to review in the coming weeks is the attractive @KeystoneWallet airgapped hardware wallet. (It has two branches of firmware, so we’ve been muddling out the best way to talk about it) [9/12]
We also authored a case study for our own Gordian Seed Tool reference signer app for iOS & Mac, to discuss how we believe it exemplifies the Gordian Principles. [8/12] https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/Case-Study-SeedTool.md
If you’re interested in writing a case study of a device for us to edit & review, or supporting us to write a new case study about your favorite wallet, please submit a PR or contact us. [11/12] https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/Case-Studies-Overview.md#more-case-studies
We believe in these Gordian Principles of independence, privacy, resilience, and openness for the entire blockchain ecosystem. We’re thrilled that hardware manufacturers & software wallet developers are pursuing these same goals! [10/12]
Sponsor our continued efforts to teach #SmartCustody, support interoperability, and create open & interoperable, secure & compassionate digital infrastructure—become a monthly financial contributor to Blockchain Commons through @github. ៚ [12/12] https://github.com/sponsors/BlockchainCommons
Replying to @madhavanmalolan
We have been working as a coordination point between wallet developers at @BlockchainComns, initial for Bitcoin but we are working toward similar standards for Ethereum wallets. Two problems: ongoing funding for infrastructure is hard, and some past poor architecture choices.
Replying to @madhavanmalolan and @BlockchainComns
Take a look at our last report: https://twitter.com/ChristopherA/status/1491828864753930240
RT @madhavanmalolan: What if …
We just stop everything we are doing and just work on fixing wallets this year?There are just not enough…
Replying to @plum_perfect
In my childhood (60s) the original tv remotes (50s) had a prominent loud “click” to press the buttons, which did some kind of non-modulated sound pulse on different frequencies that would turn on off or change the channel up or down. Thus “clicker”. https://www.theatlantic.com/technology/archive/2011/04/tech-etymology-tv-clicker/236965/
Unless QR software is corrupted, QR links are only as dangerous as any link on Twitter or in an email. Still some threats there, so we are investigating both hashlinks https://datatracker.ietf.org/doc/html/draft-sporny-hashlink and a signed version leveraging did:web did:onion & did:key. https://twitter.com/WellsLucasSanto/status/1493024571414302720
For some our current airgap wallet #SmartCustody interoperability standards and approaches see: https://github.com/BlockchainCommons/SmartCustody & https://github.com/BlockchainCommons/SmartCustody
RT @ChristopherA: Unless QR software is corrupted, QR links are only as dangerous as any link on Twitter or in an email. Still some threats…
RT @IndicioID: Indicio CEO @heathercdahl is sitting down with @ChristopherA and @charlynling1 to discuss the expectations, reality, and pos…
Replying to @WebDevLaw
Related: https://twitter.com/ChristopherA/status/1243434431903219712
RT @WebDevLaw: Then he and his team engaged in - if not invented - ethical hacking. They physically hacked their IBM punch card machines so…
RT @ChristopherA: Today at 19:06 CET (sunset in Amsterdam) is the 77th Anniversary of the attempt by The Resistance to bomb the Dutch Civil…
Inspired by today’s @RWOTEvents visioning event “Out of the Box 2052” one of my visions/wish list items for 2052 can be summarized as “Collective wisdom without collective bias”.
Artifact from my oldest visioning event (in 1988), of what I wanted by 2015. Today we together worked during a @RWOTEvents collaborative salon on a vision for 2052. More results to come. https://twitter.com/ChristopherA/status/642711322921160705
Artifact of another visioning event in 1995 as a collaboration toward a 2015 vision, created by all of our team at “Consensus Development” (we wrote the reference implementation of SSL 3.0 and TLS 1.0). Big goal: “People & computer agents that I can delegate trust to/from.”
And 6 years ago, at the 2nd #RebootingWebOfTrust design workshop, we did a visioning for 2032 that helped establish a future for decentralized identity that has inspired developments like the W3C DID standard. https://github.com/WebOfTrustInfo/rwot2-id2020/tree/master/event-documents/process
These 2016 @RWOTEvents “take-a-panels” were discussed in small team, and joint visions were created (at https://github.com/WebOfTrustInfo/rwot2-id2020/tree/master/event-documents/graphic-recording/Day-1-02-Take-A-Panel)) and the final report out:
Final commentary: Vision a positive future. Hold to your vision. Iterate on it. Make it happen!
RT @ChristopherA: Final commentary: Vision a positive future. Hold to your vision. Iterate on it. Make it happen!
RT @SSI_Ambassador: Join the @IndicioID Webinar about the expectations & reality of #SSI with @ChristopherA @heathercdahl and Charlyn Ho.…
RT @CaitlinLong_: THIS IS ONE of the 7 proposed bills from the #Wyoming #blockchain & Tech Select Committee this yr—it protects privacy of…
RT @CaitlinLong_: For #DAOs that choose to register there’s a race btwn using state cooperative laws vs state LLC laws. WY’s #DAO LLC law i…
Replying to @0xfoobar
I believe the architecture of Ethereum wallets have a fundamental problem in that they do not have functional separation of keys, much less a no-key-reuse policy. This results in a number of confused deputy problems. It can be solved, but legacy architecture likely needs to die.
Replying to @richerd
Have you seen the free #SmartCustody book from @BlockchainComns? https://github.com/BlockchainCommons/smartcustody We are seeking funding support & patronage to bring it’s approaches to the ETH & NFT community.
Replying to @sriramk, @punk6529, @donnie, @alive_eth, @nassyweazy and @eddylazzarin
RT @Melt_Dem: 1/ while the media tries to shift our attention on the looming threat of physical violence, the most prevalent form of violen…
Replying to @chelseakomlo
We are working on this now for Bitcoin, initially documenting it for our next release of the #SmartCustody book. Harder for single-signature blockchains like Ethereum, but we do have 2-level quorum secret sharing of seeds with SSKR available now in Gordian Seed Tool.
Replying to @chelseakomlo
For Bitcoin, you can see a hint/preview of some of our approaches to multisig and social key recovery (much more to come): https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/Multisig.md
Replying to @chelseakomlo
For all blockchains that don’t use true multisig, but that use seeds, you can learn from our SSKR work: https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/SSKR-Sharing.md
Replying to @chelseakomlo
Be ware with any secret sharing (including our SSKR) there are things you have to be very careful about: https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/SSKR-Dangers.md
Replying to @chelseakomlo
There are also interesting hybrids of both multisig and SSKR possible, and new cryptography (VSS, FROST) that can help. But part of the problem is that the wallets following the Metamask model may be fundamentally architecturally broken. It maybe possible to iteratively fix…
Replying to @chelseakomlo
But the essential problem is the overuse use of a single key, the account private key, to do everything. This violates long-standing principles of limiting key reuse, generation of new keys, different keys for different key purpose, etc.
Replying to @chelseakomlo
We have some ideas of how to maybe leverage a major revision of Wallet Connect 2.0 (3.0? some other name) that may solve some of these problems, but there has been insufficient will in the ecosystem to fund to support such a radical architecture so far.
Replying to @chelseakomlo
Individual people and organizations can show their support toward these efforts by becoming a monthly project or sustaining sponsor of @BlockchainComns. These are the signals that we use to prioritize our infrastructure standards efforts. https://github.com/sponsors/BlockchainCommons
Replying to @chelseakomlo
Absolutely agree! This is why our work on the Bitcoin side of the ecosystem is focused on Taproot Schnorr and toward Musig2 and Frost. However, there is still a place for slightly better than basic Shamir SS (such as 2-level Schnorr). Also, a VSS is a subpart part of Musig2.
Replying to @chelseakomlo
Again, true. This is why I help architect a design for key rotation in the W3C DID (Decentralized Identity) standards. (This feature is, unfortunately, is not mandatory in the spec). There are a number of approaches. Most are hard in the Ethereum/Metamask architecture though.
Replying to @chelseakomlo
Two issues. You are technically correct, but also incorrect. Musig2 has in its early round a VSS that is used to generate the final keys. You could do a one-party generation of this value, share, and those parties can sign things. Multiple Musig2 in a taproot tree can do quorum.
Replying to @chelseakomlo
I apologize, I am simplifying. The vast majority (of blockchain transactions (also by market cap) use ECDSA or 25519 with broken multisig. True threshold signatures typically use Schnorr (with secpk1 taproot or ristretto) but legacy bitcoin & Ethereum clones can’t use it.
@davewiner I’ve seen a number of apps with export OPML to markdown, but is are there any outliners that will import markdown to OPML? I’ve a lot text in markdown various places that I’d like to organize.
Paste of markdown into Electric Drummer seems to half of it correctly, the outline. However, it doesn’t format the links.
Paste of markdown into the Zavala app just makes it a single entry. It fails both the break up the indents into outline or format the links.
Paste of markdown into Logseq comes closest to useful as it makes each line a separate outline entry and does the link formatting, but looses the hierarchy.
It turns out pasting markdown into Logseq is more useful than I thought, but it doesn’t know the difference between a body paragraph and a L1 indent, and creates a redundant line. See GitHub issue: https://github.com/logseq/logseq/issues/4333
Replying to @davewiner, @logseq and @obsdmd
Thanks @DaveWiner — In this case, I’m trying to paste, not import. I have a really nice safari plugin tool that copies groups of bookmarks to markdown preserving its hierarchy onto clipboard. But it doesn’t support OPML to clipboard or save markdown (or OPML) to files, only HTML.
Replying to @DaveWiner
Here is a better test reference with Electric Drummer (the one I used in the Logseq bug issue report). You do the indented list of lists , but like Logseq are adding a line & the body line is at same level as first list. I’m also expecting the links to be formatted.
Replying to @davewiner
I’ve posted a feature request at https://github.com/scripting/drummerSupport/issues/155
/cc @vincode_io https://github.com/vincode-io/Zavala/issues/147
Going live in a couple of minutes. You can join anytime! https://twitter.com/IndicioID/status/1496161582312988674
RT @ChristopherA: “We must rebel against our evolutionary objectives, w/o giving an evolutionary advantage to those who refuse to do the sa…
This morning I spoke at an @IndicioID meetup, along with @charlynling1, on the topic of “Self-Sovereign Identity: Expectations & Reality”. In it we discuss some history of #SSI, revising the principles, LESS (Legally Enabled Self-Sovereign) Identity, ++ https://www.youtube.com/watch?v=JAeNQsCFgBg
Replying to @Lambo and @LilithWittmann
BTW, there are several different forms of this. Redacted signatures, where I in my presentation of the credential “redact” fields unnecessary for the business purpose or possible threats, and a variety of zk proofs that also prevent correlation, but are more complex.
Replying to @Lambo and @LilithWittmann
I’d like to see redactable signatures on verifiable credentials become the standard, as they are easy & minimize sharing. This proposal is VERY outdated, but gives the idea (I also want to support CBOR): https://w3c-ccg.github.io/lds-redaction2016/
Replying to @Lambo and @LilithWittmann
Here is one of the zero-knowledge cryptography based selective disclosure proposals. This one is more current and I believe there is more than one implementation. https://w3c-ccg.github.io/ldp-bbs2020/
Replying to @LilithWittmann, @Bindestriche and @lontrachen
I don’t buy this interpretation of what is #SSI. The principles focus on offering user choices, which include not to provide credentials, or in a redacted form.
Replying to @LilithWittmann, @Bindestriche and @lontrachen
I do agree with Georgy Ishmaev that #SSI by itself still needs a deeper examination of ethics. He has another paper out that does a better job than I to describe what and why the concept of “sovereignty” is in the identity equation: https://link.springer.com/article/10.1007/s10676-020-09563-x
Replying to @LilithWittmann, @Bindestriche and @lontrachen
“The call to reconsider the source of this right aims to reframe the procedure of an identification not as an obligation or duty of citizens to be identified derived from the sovereign right of a state…
Replying to @LilithWittmann, @Bindestriche and @lontrachen
“… but as a natural right of an individual to be represented via mediating role of institutions of identity.” — Georgy Ishmaev
Replying to @LilithWittmann, @Bindestriche and @lontrachen
“There are then compelling reasons to consider the right to be a ‘self-sovereign’ source of power to construe one’s own identity. Not just a right for the choice of attributes relevant for the presentation of one’s own identity to others, but also…
Replying to @LilithWittmann, @Bindestriche and @lontrachen
“… a right not to have one’s identity be permanently fixated in the externally imposed normative framework. The foundation of this right can be traced back to Lockean arguments on the limits of powers and rights in a free society.” — Georgy Ishmaev
Replying to @Lambo and @LilithWittmann
Here is a nice overview that started as an #RWOT paper, and is now in W3C CCG work item “Engineering Privacy for Verified Credentials: In Which We Describe Data Minimization, Selective Disclosure, and Progressive Trust”: https://w3c-ccg.github.io/data-minimization/
Replying to @LilithWittmann and @Lambo
I don’t want over-identification (or over-authentication even) either. At least LESS Identity is better than the status quo. Where I can I push for exactly what I believe you are sayin you want.
Replying to @LilithWittmann and @Lambo
This goes a long way back to my 2004 post on “Progressive Trust”. Start trust small and simple, increase as needed, and stop when is more than necessary. Binary “Trusted/Not-Trust” is an anti-pattern. Real human trust is progressive. http://www.lifewithalacrity.com/2004/08/progressive_tru.html
RT @Lambo: Happy to see my remarks on self-sovereign ID led to some meaningful exchange here between @LilithWittmann and SSI’s inventor @Ch…
RT @Lambo: And (assuming you’re interested in SSI for science and education, like us), have a close look at @SWITCH_ch in the next few mont…
#QotD: “A poet knows he has achieved perfection not when there is nothing left to add, but when there is nothing left to take away.” ⇒ Leonardo da Vinci.
I need to keep that nearer to the top of my mind when designing software, protocols & architecture.
Have you been wanting to get involved in the development of Bitcoin, blockchain tech, and human-rights identity? @BlockchainComns has announced its 2022 VIRTUAL internship program, kicking off this summer! [1/10] https://github.com/BlockchainCommons/Community/discussions/74
We love programs like @summerofbitcoin. If you are looking for a full-time paid technical internship, that’s the way to go. But, our Blockchain Commons internship is set up differently to offer some specific advantages [2/11]
One of our favorite features is our weekly office hours. We’ll not just give you the opportunity to talk with us and each other, but also guest speakers from places such as Bitcoin Core, @Blockstream, @EFF, @HRF, @W3C and more. [5/11]
We ask for a commitment of 40 hours toward virtual project work over the summer and we offer a small honorarium. We encourage interns to work collaboratively together and we teach them how to function in the open-source ecosystem. [4/11]
For one, Blockchain Commons is about more than just software & hardware engineering. We’re also looking to nurture pre-law students, technical writers, library science, and other people who might help us advocate for secure & compassionate digital infrastructure. [3/11]
Our past interns have been featured in Coindesk and have gone on to actual careers in the blockchain field. [7/11] https://www.coindesk.com/tech/2020/09/23/blockchain-commons-internship-introduces-new-developers-to-open-source/
Past internship projects have included our Spotbit pricing server, our Mori-cli app for Bitcoin inheritance, and a pseudonymity guide. What are you interested in offering to the blockchain world? [6/11] https://spotbit.info/spotbit/
We look forward to working with these aspiring students. To have them join with us to create an open & interoperable, secure & compassionate digital infrastructure. To support human dignity and enable people to control their own digital destiny. [10/11] https://www.blockchaincommons.com/vision.html
The forty hours of work (plus office hours & educational opportunities) will occur this summer from May 23, to August 15, 2022. Since it’s a virtual program, you can of course be anywhere in the world. One of the best parts is collaborating internationally! [9/11]
To apply for this year’s internships, just email us a CV with some additional info as described in this year’s call for interns. The deadline is April 22nd. [8/11] https://github.com/BlockchainCommons/Community/discussions/74
We thank @HRF for their continuing grant to support our internship programs. If you are interested in supporting Blockchain Commons financially to be able to offer more of these programs, reach out to us, or become one of our Github sponsors: https://github.com/sponsor/blockchaincommons [12/12] ៚
“As a lethal pandemic, economic and physical insecurity, and violent conflict ravaged the world, democracy’s defenders sustained heavy new losses in their struggle against authoritarian foes, shifting the international balance in favor of tyranny.” https://freedomhouse.org/report/freedom-world/2021/democracy-under-siege
RT @evernym: eIDAS 2.0 brings enormous opportunities to introduce digital credentials to all of Europe, but there are a few potential barri…
For details on the French identity civil hackers see: https://twitter.com/WebDevLaw/status/957256426392494080
For details on the Netherlands WWII story see https://youtu.be/isanNSDoSnE or… https://twitter.com/ChristopherA/status/1243434431903219712
One possible hidden tragedy in this Russian invasion is that they don’t need to capture the Dutch civil archives like the Nazis did. New civil hackers like 🇳🇱 Arondias who burned archives or 🇫🇷 Carmille who punched holes in all the cards can’t as Russians already have the data!
Just because you trust your government today does not mean that you can tomorrow. Civil service leaders must design for threats of regime change. How does Taiwan protect its citizens worldwide if invaded next? #LESSidentity #Foremembrance
Replying to @thegrugq, @UK_Daniel_Card, @mlowdi, @SwiftOnSecurity, @nycandre, @elonmusk, @moxie and @pressfreedom
At one point you could run multiple encrypted versions of the OS in the #blackphone. I fought to have one be duress invisible and only function if the right pin was used to launch one of the others. Unfortunately wasn’t easy as it was a layer violation so it didn’t happen.
RT @LALeVasseur: Maybe what we’re really calling for is more (and deliberate) ephemerality built into technology, more forgetfulness. reass…
RT @LALeVasseur: This also relates to the Me2B principle of Identification Minimization. Do this instead: “this [info/signal] applies here…
#QotD (quote of the day): https://twitter.com/DavidVorick/status/1496966414858600449
Replying to @dcwoodruff
If it continues, contact @EFF — they’ve been known to help with DMCA attacks against fair-use, offer to defend or threaten SLAPP. Here is one case where I suggested anonymous blogger @spockosbrain contact them: https://www.eff.org/deeplinks/2007/01/spocko-ksfo-and-blogospheres-allergy-copyright-thuggery
Replying to @matthewdif
Not the same threat model, but you may find some useful tips in here: https://github.com/BlockchainCommons/Pseudonymity-Guide
RT @evacide: This is important because so much of Russian civil society’s organizing happens on Facebook. I point this out every time someo…
Replying to @cmdoerfler
We try to at @BlockchainComns.
Replying to @BrianG416
I’m saying they don’t need to. We already know that Russian supported hackers have been scraping Facebook and other social networks, and have targeted Ukrainian services for at least a half-decade. They likely already have the data. And we gave it away.
My big security concern lately is the MetaMask-style & Wallet Connect 1 & 2 binding to a single key used for everything from login auth, displaying balances & NFTs, and asset transfers. Severe “confused deputy” problems. If this EIP just fixes key separation & rotation, then 👍.
The Confused Deputy problem is when an entity is inappropriately authorized to do something minor (say login) but that auth reused, tricked or coerced to do something major (say transfer an asset) that they did not intend. Very common attack vector right now with ETH & friends.
The best way to avoid this is to use different keys for different purposes. Another useful approach is a “Key Rotation” architecture, as supported by some DIDs, which allows you to keep the identifier but change the keys it uses (and deprecate the old ones).
I looked over EIP-4361 and it still appears to be single-key, single account focused, and also does not add privacy nor is rotatable. I really can’t recommend it even though it has improvements over existing wallet login methods. I believe we can and should do much better.
We (@BlockchainComns) are currently investigating how to apply the Gordian Principles for #SmartCustody for the Eth & friends wallet ecosystem. Currently seeing if there is interest by our Patrons to fund. One preliminary DRAFT on the issues is at https://hackmd.io/rEcjDqAlS3OS1bwojFiEnA
This isn’t a problem with Ethereum blockchain itself, but a real problem with how the architecture of the ETH wallet ecosystem evolved. I’m not confident it is incrementally fixable. Maybe we can, but sometimes you just need a fundamental reboot and start over.
Yes, that’s the flaw of a radically more secure design — we likely would have to abandon legacy wallets (and some common contracts!). Thus we don’t want to dive in without more evidence from our Patrons & partners that there is financial support for the long haul to do it right.
We might start instead by doing responsible key management wallet architectures with DAO treasury wallets, or some other subset of well-funded groups of users first, rather than replace wallets for individual investors.
I’m beginning to get signals that the market may be fed up with current architecture. But I’m not committing without more financial patrons committed to working together on it.
“note that our attacks on the higher-level cryptographic protocols work on new devices due to subtle attacks arising from their composability with the lower-level key-encryption…These issues further motivate the need for an open and standardized cryptographic design.” 👍 https://twitter.com/matthew_d_green/status/1495935700545454084
RT @bmann: @wycdd @ChristopherA @chrismessina @kimdhamilton @Obstropolos @SpruceID @openid @bluesky @willnorris @selfissued @justin__richer…
We have been also working on better Bitcoin wallet architectures, with what I believe are some really innovative approaches to understand threats & adversaries, eliminating single points of compromise (SPOC) & failure (SPOF). We want to expand to Ethereum: https://github.com/BlockchainCommons/SmartCustody#smartcustody-tools
We have some more papers with new bitcoin multisig-centric wallet scenarios & cold/airgap reference code coming out this week & next.